Add secureOptions in `https` config #178

Merged
merged 1 commit into from Dec 23, 2014

Projects

None yet

2 participants

@willdurand
Contributor

Defaults is: constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_SSLv2

See: https://gist.github.com/3rd-Eden/715522f6950044da45d8

@dmp42 dmp42 commented on an outdated diff Dec 23, 2014
lib/config/defaults.js
@@ -19,7 +19,10 @@
// If binding, will use default port unless instructed otherwise
port: 443,
// No CA provided
- ca: []
+ ca: [],
+ secureProtocol: "SSLv23_method",
+ // constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_SSLv2
+ secureOptions: 33554432 | 16777216
@dmp42
dmp42 Dec 23, 2014 Member

Why not use constants.SSL_OP_NO_SSLvX instead of the values?

@willdurand willdurand Add secureOptions in `https` config
Defaults is: constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_SSLv2

See: https://gist.github.com/3rd-Eden/715522f6950044da45d8
9166109
@willdurand
Contributor

@dmp42 fixed the patch to use constants, and rebased.

@dmp42
Member
dmp42 commented Dec 23, 2014

Thanks a lot!
Let travis build and merged this.

@willdurand
Contributor

LGTM from Travis POV :p

@dmp42 dmp42 merged commit b1de0da into hipache:master Dec 23, 2014

1 check passed

continuous-integration/travis-ci The Travis CI build passed
Details
@dmp42
Member
dmp42 commented Dec 23, 2014

Merged :)

@willdurand willdurand deleted the willdurand:secure-options branch Dec 23, 2014
@willdurand
Contributor

thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment